Vanguard is seeking an Application Security Penetration Tester to provide senior-level technical expertise in the development and support of tools, processes, and activities used to assess, validate, and ensure the security and integrity of systems, architectures, and configurations. This role involves conducting comprehensive security assessments, performing risk analysis, and evaluating contingency plans for Vanguard’s business applications, systems, networks, and websites. The ideal candidate will play a critical role in identifying vulnerabilities and strengthening the organization’s security posture. This Hybrid role (in office Tues-Wed-Thurs) can be based in Charlotte, Dallas, TX, or Malvern, PA (HQ)

QUALIFICATIONS:

• Minimum five years related work experience with three years’ experience in IT security or application development.
• Undergraduate degree in related field or equivalent combination of training and experience.
• Preferred security certification such as ISC2 CISSP, GIAC Security, Essentials Certification (GSEC), GIAC Penetration Tester Certification (GPEN), GIAC Web App Pen Tester (GWPN), or Certified Ethical Hacker (CEH)

• Leads and conducts security assessments to measure the adequacy of existing information security controls. Identifies potential and actual system vulnerabilities, integration requirement and ramifications, and emerging strategic security needs and recommends corrective measures.
• Coordinates reporting on information security risks and works with IT sub-divisions, third party partners, and business units in identifying the impact of technology implementations on IT and business unit operations.
• Leads and maintains the evaluation and assessment process of in determining security requirements for data systems, networks, or websites. Identifies system issues and recommends technical security solutions. and coordinates and leads the adoption of new security initiatives and solutions.
• Leads technical support for assessments of assets, risks, and the implementation of appropriate data security procedures and products. Ensures security requirements are met during implementation.
• Ensures the adequacy of development, testing and implementation processes for security plans, risk assessments, products, and control techniques.
• Evaluates Vanguard technical acquisitions, infrastructure and development processes, and investigates complex potential or actual information security violations to ensure that adequate security measures are established and maintained, according to established policies.
• Leads and coordinates security assessment plans, participates in the security vulnerability mitigation and acceptance process, and assists with managing vendor relationships.
• Participates in special projects and performs other duties as assigned.